This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/951a33-f840-4aac-9556-1297782755fd/1/OPp_x3GCjPs5cigk9_3z7cSzxSk.mft File: OPp_x3GCjPs5cigk9_3z7cSzxSk.mft (raw, json) Hash identifier: rzB/MxG6ZOlBPjJmw0zVRFfr2BnFbRPDdITbMRk9pBk= Subject key identifier: 52:50:67:36:F1:A4:5D:82:C5:11:29:15:A1:1C:7A:13:97:16:47:C1 Authority key identifier: 38:FA:7F:C7:71:82:8C:FB:39:72:28:24:F7:FD:F3:ED:C4:B3:C5:29 Certificate issuer: /CN=38fa7fc771828cfb39722824f7fdf3edc4b3c529 Certificate serial: 019AF27660FF56C1926E6AECBD753B426923 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OPp_x3GCjPs5cigk9_3z7cSzxSk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/951a33-f840-4aac-9556-1297782755fd/1/OPp_x3GCjPs5cigk9_3z7cSzxSk.mft Manifest number: 0157 Signing time: Sat 06 Dec 2025 07:00:35 +0000 Manifest this update: Sat 06 Dec 2025 07:00:35 +0000 Manifest next update: Sun 07 Dec 2025 07:00:35 +0000 Files and hashes: 1: OPp_x3GCjPs5cigk9_3z7cSzxSk.crl (hash: cjBGn1c+bSFe9lE/MG6xPazEMWrguyf+mPAd/B+XY0Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/951a33-f840-4aac-9556-1297782755fd/1/OPp_x3GCjPs5cigk9_3z7cSzxSk.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/951a33-f840-4aac-9556-1297782755fd/1/OPp_x3GCjPs5cigk9_3z7cSzxSk.mft rsync://rpki.ripe.net/repository/DEFAULT/OPp_x3GCjPs5cigk9_3z7cSzxSk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:76:60:ff:56:c1:92:6e:6a:ec:bd:75:3b:42:69:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38fa7fc771828cfb39722824f7fdf3edc4b3c529 Validity Not Before: Dec 6 07:00:35 2025 GMT Not After : Dec 7 07:00:35 2025 GMT Subject: CN=52506736f1a45d82c5112915a11c7a13971647c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:1b:29:ed:dd:b6:8a:fc:42:57:a9:c1:1e:f9: 5e:10:71:37:93:c0:0a:74:a4:27:6f:bf:89:85:12: 3b:be:eb:bd:b8:02:0e:61:a9:4e:d5:f5:2c:78:28: 06:f6:06:53:ef:3c:ca:53:22:b7:de:c9:43:b2:15: 68:f4:b8:63:d5:ad:60:a4:6b:9a:22:2c:25:44:76: 5b:d0:fa:37:e0:c2:8d:67:63:c9:25:e8:10:d7:ee: b5:f5:49:38:f6:0e:c8:46:7f:6e:b3:94:3c:d7:2e: 0a:aa:6a:c8:43:12:c9:3a:37:ec:63:d1:57:23:b6: 91:9e:cc:f0:4e:75:a3:12:be:8b:37:f9:1d:67:17: cd:02:ec:d7:70:47:dc:49:6d:e7:38:9d:97:68:2c: 91:92:60:da:ce:de:c9:9a:0d:f6:b5:05:cf:96:95: b2:ea:c2:1b:19:95:62:6c:2f:3f:3d:94:41:2d:72: 10:fd:5d:9d:b5:c7:ed:a8:10:ba:6e:38:2e:cc:f7: db:e3:bb:7b:e6:d5:cb:df:4f:4c:22:7a:54:36:9e: da:9c:7a:93:98:90:f1:bc:a3:2b:a6:b9:1e:a8:b1: 25:6e:a3:20:ff:76:36:fe:2f:a4:0d:c4:a9:bc:27: 9d:67:04:f2:c4:59:42:ed:11:eb:33:f6:d1:bd:d2: 22:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:50:67:36:F1:A4:5D:82:C5:11:29:15:A1:1C:7A:13:97:16:47:C1 X509v3 Authority Key Identifier: keyid:38:FA:7F:C7:71:82:8C:FB:39:72:28:24:F7:FD:F3:ED:C4:B3:C5:29 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OPp_x3GCjPs5cigk9_3z7cSzxSk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/951a33-f840-4aac-9556-1297782755fd/1/OPp_x3GCjPs5cigk9_3z7cSzxSk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/951a33-f840-4aac-9556-1297782755fd/1/OPp_x3GCjPs5cigk9_3z7cSzxSk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 54:09:f3:05:88:81:b5:59:d3:8b:db:d0:2e:ef:ef:10:93:70: c0:44:3b:21:f0:8b:6b:cb:8c:35:1b:df:f9:57:85:99:ff:07: 95:4e:40:8b:ba:6d:b1:20:77:eb:48:60:b9:d8:0f:63:d8:ca: 4d:d8:69:56:84:be:a3:5c:cf:46:22:4f:02:9a:a5:ae:e1:49: 2a:0e:3f:bc:82:0b:07:49:91:53:61:fe:f9:3b:9e:32:f8:68: b4:77:8f:92:b2:4b:3b:e1:68:17:bf:96:c7:e9:cf:31:5e:51: ab:cb:99:f8:f8:ca:3e:25:21:c6:ec:3b:8b:8c:73:33:0f:2a: 29:ea:9f:bd:ba:2d:c4:9a:7b:78:95:a6:37:b1:63:b9:3b:c0: 69:1b:96:e9:94:e6:a1:30:ca:99:9f:38:fe:95:6c:d4:ed:c1: d6:46:9b:78:b4:5b:1b:a8:c2:e9:0a:24:dd:6f:23:42:04:5f: a5:73:3e:6b:5e:bd:b1:87:cd:ed:a3:74:67:6d:6d:a4:26:50: 58:da:8c:cd:74:32:65:99:44:ec:24:1c:ac:cc:1e:e9:0b:44: d5:f1:b3:40:17:c4:6b:2d:5b:ba:de:0c:28:dc:cc:39:ac:74: 5a:7d:54:28:a8:bf:95:1e:86:e8:63:61:bc:94:cf:0f:6e:93: 9a:a6:97:05 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydmD/VsGSbmrsvXU7QmkjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4ZmE3ZmM3NzE4MjhjZmIzOTcyMjgyNGY3ZmRmM2VkYzRi M2M1MjkwHhcNMjUxMjA2MDcwMDM1WhcNMjUxMjA3MDcwMDM1WjAzMTEwLwYDVQQD Eyg1MjUwNjczNmYxYTQ1ZDgyYzUxMTI5MTVhMTFjN2ExMzk3MTY0N2MxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxsp7d22ivxCV6nBHvleEHE3k8AK dKQnb7+JhRI7vuu9uAIOYalO1fUseCgG9gZT7zzKUyK33slDshVo9Lhj1a1gpGua IiwlRHZb0Po34MKNZ2PJJegQ1+619Uk49g7IRn9us5Q81y4KqmrIQxLJOjfsY9FX I7aRnszwTnWjEr6LN/kdZxfNAuzXcEfcSW3nOJ2XaCyRkmDazt7Jmg32tQXPlpWy 6sIbGZVibC8/PZRBLXIQ/V2dtcftqBC6bjguzPfb47t75tXL309MInpUNp7anHqT mJDxvKMrprkeqLElbqMg/3Y2/i+kDcSpvCedZwTyxFlC7RHrM/bRvdIiRQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFJQZzbxpF2CxREpFaEcehOXFkfBMB8GA1UdIwQY MBaAFDj6f8dxgoz7OXIoJPf98+3Es8UpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1BwX3gzR0NqUHM1Y2lnazlfM3o3Y1N6eFNrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS85NTFhMzMtZjg0MC00YWFjLTk1NTYt MTI5Nzc4Mjc1NWZkLzEvT1BwX3gzR0NqUHM1Y2lnazlfM3o3Y1N6eFNrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS85NTFhMzMtZjg0MC00YWFjLTk1NTYtMTI5Nzc4Mjc1NWZk LzEvT1BwX3gzR0NqUHM1Y2lnazlfM3o3Y1N6eFNrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVAnzBYiB tVnTi9vQLu/vEJNwwEQ7IfCLa8uMNRvf+VeFmf8HlU5Ai7ptsSB360hgudgPY9jK TdhpVoS+o1zPRiJPApqlruFJKg4/vIILB0mRU2H++TueMvhotHePkrJLO+FoF7+W x+nPMV5Rq8uZ+PjKPiUhxuw7i4xzMw8qKeqfvbotxJp7eJWmN7FjuTvAaRuW6ZTm oTDKmZ84/pVs1O3B1kabeLRbG6jC6Qok3W8jQgRfpXM+a169sYfN7aN0Z21tpCZQ WNqMzXQyZZlE7CQcrMwe6QtE1fGzQBfEay1but4MKNzMOax0Wn1UKKi/lR6G6GNh vJTPD26TmqaXBQ== -----END CERTIFICATE-----Generated at Sat Dec 6 10:46:53 2025 by rpki-client